CompTIA Exam CS0-003 Topic 4 Question 46 Discussion

Actual exam question for CompTIA's CS0-003 exam

Question #: 46
Topic #: 4

A payroll department employee was the target of a phishing attack in which an attacker impersonated a department director and requested that direct deposit information be updated to a new account. Afterward, a deposit was made into the unauthorized account. Which of the following is one of the first actions the incident response team should take when they receive notification of the attack?

AScan the employee's computer with virus and malware tools.

BReview the actions taken by the employee and the email related to the event

CContact human resources and recommend the termination of the employee.

DAssign security awareness training to the employee involved in the incident.

Show Suggested Answer

Suggested Answer: B

In case of a phishing attack, it's crucial to review what actions were taken by the employee and analyze the phishing email to understand its nature and impact.Reference:CompTIA CySA+ Study Guide: Exam CS0-003, 3rd Edition, Chapter 6, page 246;CompTIA CySA+ CS0-003 Certification Study Guide, Chapter 6, page 255.

by Lorriane at Jul 09, 2025, 04:02 PM

Limited Time Offer

25%

Off

Get Premium CS0-003 Questions as Interactive Web-Based Practice Test or PDF